Some users of a message system send high volumes of unsolicited, unwanted messages (“spam”) to users of the messaging system. Often the spam messages are advertising. Sometimes spam messages contain malicious software or links that may attack the device receiving the message, attempt to obtain private user information, or otherwise perform malicious actions. Administrators of message systems want to protect users of the messaging system from such attacks via messages. Administrators of messaging systems also do not want to provide resources to process the high volume of spam messages.
Current methods of detecting spam, or a sender of spam, rely upon the message system accessing the clear text of a message. The clear text of the message is analyzed to determine keywords that may indicate spam. Message attachments may be scanned to determine whether they contain malware or spam. A message determined to be spam may be quarantined or put into a special folder on the message service or on the receiving client device. However, reliance upon a server reading the clear text of a message does not work when the message is encrypted. Further, quarantining messages does not slow, deter, or stop a sender of spam from continuing the practice of sending spam messages. Thus, message services continue to have to spend resources on analyzing received messages and users continue to receive the spam messages. The spammer does not incur any computational cost for having sent the spam messages and is not deterred, delayed, or otherwise discouraged from continuing the practice of sending spam messages over the messaging service to receiving clients.